Technology

President Barack Obama signed into law Wednesday, May 11th, a bill that will provide protection for trade secrets on the federal level.

This new legislation, called the Defend Trade Secrets Act of 2016, or DTSA, has been hailed by commentators as an extremely significant addition to federal intellectual property law. The DTSA was created as an amendment to the Economic Espionage Act of 1996 to provide civil remedies for trade secret violations under federal law. While some potential issues exist, I believe that this new law should be beneficial to many companies because of the possible increased trade secret protection and aggressive potential remedies that it will provide.

Trade secret protection in the U.S. has primarily been available under applicable state law. The Uniform Trade Secrets Act provides some consistency, and it has been adopted by 48 states. The trade secret laws of the various states are not totally uniform, however, and this has sometimes made it difficult for companies to protect their trade secrets under the various state laws. Legal actions involving trade secret protection have generally been brought in state courts. Since the DTSA is a federal law, more trade secret actions will now be able to be brought in federal court, providing an additional potential venue for these actions.

The DTSA does not replace or preempt existing state laws. As a result, this could be an advantage to companies as it may provide a separate method of protecting their trade secrets. The DTSA also defines trade secrets a little more broadly, using “public economic value” as the heart of the trade secret definition. This broader definition of what constitutes a trade secret may expand the range of information that a company can claim as a trade secret.

That said, there is a potential problem here: the DTSA does not provide a uniform system of trade secret law and instead establishes a federal level of trade secret law on top of the existing states’ trade secret laws. This could increase the number and the complexity of legal actions involving trade secrets. Therefore, a company that wishes to assert a trade secrets action will need to analyze which court — state or federal — will be more advantageous, and this will likely vary with the different circumstances of each situation.

In business, we’ve all seen the traditional nondisclosure agreement (also known, more simply, as the “NDA”) between two parties wishing to discuss a potential business transaction. While NDAs are good tools to protect a party’s confidential information during such discussions, businesses must take care to ensure that an NDA does not jeopardize the strong protections traditionally available to them under state laws.

State trade secret laws can provide substantial protection to certain confidential information, including trade secrets. These protections generally apply to information or materials that (1) have independent economic value; and (2) are kept “secret” by the owner. Importantly for purposes of meeting the secrecy requirement, most state laws provide that, so long as the owner takes measures to protect the secrecy of the information or materials that are reasonable under the circumstances, the requirement will be deemed met. Entering into an NDA sure sounds like at least one reasonable measure to protect the secrecy of a business’ confidential information, including its trade secrets. But business must beware: certain provisions of NDAs, if not properly addressed, could endanger state law protections regarding trade secrets. These provisions generally fall into one of two categories:

1. The term of the NDA. In many cases, the term of the NDA is limited to a one, two or three year period. The issue with NDAs of limited duration stems from the fact that, once expired, the recipient of trade secrets under the NDA might have no duty to keep such information or materials confidential. Under these circumstances, once the NDA has expired, some courts may find that the owner of a trade secret is no longer taking reasonable measures to keep its trade secret a “secret.” As a result, the relevant information or materials may lose trade secret protections under state law.

On September 19, Chinese e-commerce giant Alibaba completed the initial public offering of its stock. The underwriters for the offering subsequently exercised their option to buy additional shares, making this the largest IPO in history at $25 billion. The stock’s price immediately jumped by a huge amount, finishing its first day of trading at $93.89, a 38% increase over its $68.00 IPO price. The stock has since lost some ground, closing at $87.17 on Tuesday.

What does this massive IPO mean for U.S. technology companies? I see four possible areas of impact:

U.S. technology companies may delay their IPOs until they see how the Alibaba stock performs. This could be a short delay if the stock price holds up or does well. Right now U.S. technology companies Hubspot, Lendingclub.com, GoDaddy.com and Box, among others, are expected to conduct IPOs this fall.

These are interesting times for technology companies that are contemplating initial public offerings. For companies of sufficient size, the exchange for the listing of their securities generally comes down to the New York Stock Exchange and the Nasdaq Stock Market. The NYSE has historical prestige and a long track record, while the Nasdaq has cultivated a progressive, tech-friendly reputation. If you are a high visibility technology company, you will probably find these exchanges actively competing for your listing. Such benefits as free advertising have been used, and business deals involving a company’s services may influence a company’s decision as to which exchange to list its securities. For example, Oracle’s switch to the NYSE from Nasdaq was reportedly in part due to an agreement by the NYSE to continue to use Oracle software in its operations.

Nasdaq has long been the favorite exchange for the listing of technology company offerings. This was probably due to the initial progressive use of automation and electronics in this exchange’s early operations which resonated with technology company executives. Rather than traders waving pieces of paper (the historical process at the NYSE), Nasdaq pioneered the use of electronic quotation boards and other advanced methods in its operations. Nasdaq was willing to list the offerings of smaller companies and was also cheaper than the NYSE. All of these factors allowed Nasdaq to build a reputation as the technology companies’ preferred exchange. This reputation was fostered and supported by the listing of a large number of technology companies, including big hitters like Apple and Microsoft.

The next big tech IPO is in the works. Twitter, the hugely popular short message social media site, announced last week that it has filed a Form S-1 registration statement with the SEC in connection with the company’s proposed initial public offering. This IPO has been rumored and anticipated for some time, and it will generate substantial interest among members of the tech and investment communities. This offering may not have the impact of last year’s Facebook IPO, but it will be close.

Twitter appropriately announced its planned IPO in a tweet on September 12:

(followed by a “get back to work” tweet):

This offering should proceed more smoothly and productively than the ill-fated Facebook IPO. The various participants in the IPO process learned a lot from the significant problems that the Facebook IPO encountered, and in some cases these lessons were driven home by significant monetary penalties (See my prior blog post regarding the Facebook IPO and its problems). No one wants a repeat of that situation, especially with such a high profile IPO. Twitter has also always impressed me as a more thoughtful and rational company than some in the tech space, and this should carry through in their IPO.

In its IPO filing process Twitter took advantage of one of the key available provisions of the JOBS Act. Section 6(e) of the Securities Act allows an “emerging growth company” to file an IPO registration statement on a confidential basis. This provision is designed to give the company and the SEC time to identify and work through potential problem areas or issues before investors see any information. It also allows companies to keep material nonpublic information confidential until late in the SEC review process. If the company decides not to proceed with its IPO, it has avoided the public disclosure of this information. If the company and the SEC can work out these problems and issues satisfactorily, the registration statement (amended as necessary) eventually becomes available to the public and the IPO process goes forward. This should make the registration process very quick and efficient after it emerges from the initial SEC review.

This confidential filing opportunity has been popular with emerging growth companies. According to an Ernst & Young JOBS Act study, approximately 63% of eligible companies used this process during the first year of its availability under the JOBS Act. The SEC has published a set of helpful FAQ’s which clarify many components of this confidential filing process.

Almost 10 months since Superstorm Sandy caused widespread destruction to the northeastern U.S., an area not known for frequent hurricane activity, the people and businesses affected have still not fully recovered. As we now reenter the peak of hurricane season, businesses along the eastern seaboard are probably taking a closer look now than in years past at their disaster preparedness in light of last year’s events. The impact of Hurricane Sandy was certainly not limited to the U.S. In reality, there were global implications as, for example, U.S. equity and options markets were closed for two full trading days following the storm. As a result, the SEC, FINRA and the CFTC undertook a joint review of their individual business continuity and disaster recovery planning. Last week, on August 16, these three regulatory agencies issued a joint release outlining some lessons learned and best practices noted in their investigations and review.

Nasdaq OMX Group, Inc. announced today that it will enter into a joint venture with SharesPost, Inc. to form a marketplace for the trading of shares of unlisted companies. This is an interesting and cutting edge move that solves some problems for both Nasdaq and SharesPost. This new marketplace should be very positive for rapidly growing and large private companies which want to allow some trading in their shares but which are not ready to become publicly traded companies. It will also give investors opportunities to buy the shares of large private companies before the shares of these companies become publicly traded. According to a Nasdaq press release issued today this new marketplace, which will be called The Nasdaq Private Market, will “provide improved access to liquidity for early investors, founders and employees while enabling the efficient buying and selling of private company shares”.

Nasdaq will own the majority of and will control this joint venture, but the joint venture will use SharesPost’s existing trading platforms and infrastructure. The joint venture will be run by SharesPost founder Greg Brogger. Depending on the speed of regulatory approval, this new market for unlisted shares could be operational later this year.

This move makes good sense for Nasdaq because it should help them to begin to rebuild their credibility with up and coming companies and the technology industry. These market segments have traditionally been Nasdaq’s strength, but Nasdaq has been losing company listings (even from technology companies) to the NYSE and other exchanges. Nasdaq’s problems in attracting new technology company listings may be due to the significant negative issues that occurred in the initial public offering of Facebook’s shares last year. Nasdaq took a huge hit to its credibility as it was roundly blamed and criticized for the technical glitches that occurred with the Facebook offering. Some estimates say that major market makers and broker dealers lost more than $500 million in the Facebook IPO because of Nasdaq’s technical glitches. Nasdaq will also soon feel the economic effects of this matter as it reportedly offered as much as $62 million to settle associated claims and it now faces a possible $5 million fine from the SEC. For a good discussion of the current status of Nasdaq’s Facebook offering woes, see Charlie Osborne’s post on ZDNet.

This new relationship should also be very beneficial to SharesPost. SharesPost, which began operations in 2009, experienced substantial success in facilitating trading of shares of unlisted companies. The company provided the platform for trading in unlisted securities of high visibility technology companies such as LinkedIn and Facebook before these companies’ securities became publicly traded. SharesPost eventually encountered regulatory scrutiny, however, and the SEC brought an action against the company for failure Continue Reading Potential good news for growth companies: Nasdaq to set up new private market for unlisted stocks

Senator Jay Rockefeller (D., West Virginia), the most vocal proponent of cybersecurity legislation, has renewed his focus on cybersecurity legislation. He has sponsored previous cybersecurity-related legislation, but has been unable to implement any meaningful legislation in this area. His prior sponsorship of the proposed Cybersecurity Act of 2012 initially seemed to draw support in the Senate, but it encountered strong opposition from the United States Chamber of Commerce. The Chamber strongly criticized this proposed legislation and went so far as to state that the Chamber would include senators’ votes on this proposed legislation in its annual “How They Voted” survey. In any case, this proposed legislation was not passed in 2012.

Approximately 300 companies responded to the Senator’s letter. The companies that responded were predominantly larger members of the Fortune 500. According to the Staff Memorandum, the overall responses of the companies were favorable to potential cybersecurity legislation (with some important caveats).

There has been some important movement on cybersecurity issues outside of the SEC. While this does not directly pertain to disclosure of these items, public companies should pay close attention to these developments since they may provide some valuable guidance in this area. These developments also confirm the importance of cybersecurity issues and support my position that the SEC will probably soon mandate additional disclosure requirements for cybersecurity items.

On September 19, 2012 Senator John D. Rockefeller IV (D, West Va.) sent a letter to the CEOs of all Fortune 500 companies posing questions about these companies’ cybersecurity policies and related issues. His letter asked these companies to evaluate their roles and responsibilities in connection with cybersecurity legislation and reform and to work with the Federal government to successfully enact cybersecurity legislation. Responses to this letter are voluntary, but it is likely that most of these companies will respond in some fashion. The companies’ responses were requested by October 19, 2012.

Senator Rockefeller has long been a very strong proponent of cybersecurity legislation, and he is clearly frustrated with the lack of progress in this area. He was instrumental in the introduction of both the Cybersecurity Act of 2010 and the Cybersecurity Act of 2012, both of which failed to gain Senate approval. The proposed Cybersecurity Act of 2012 was defeated by a filibuster in August 2012, and in his letter Senator Rockefeller attributes this filibuster to opposition from business and trade groups, particularly the United States Chamber of Commerce. He has supported President Obama’s proposed use of an executive order to enact cybersecurity protection outside of the legislative process, and he references this in his letter. Based on the language of his letter, however, Continue Reading Cybersecurity issues continue to draw attention

A number of well-known companies, including Zappos.com, Google, Quest Diagnostics, Eastman Chemcial and AIG, have recently experienced actual or potential intrusions into their computer systems and related confidential data. Some of these incidents have been active criminal attacks by sophisticated hackers, while others have resulted from situations such as lost or stolen laptops. The frequency and severity of hacking incidents have been steadily increasing. In fact, virtually all companies today are subject to the risks of such incidents due to the widespread use of Internet and information technology. The advent of a substantial mobile workplace with workers accessing data remotely through smartphones, tablets, laptops and other devices has also multiplied companies’ risks in this area.

As the risks have increased, the SEC has been recently increasing the pressure on public companies to disclose “hacking” and other cyberintrustion incidents in their regulatory filings. There are still no SEC rules governing such disclosure, but I believe that this has clearly become a high priority disclosure item. I also foresaw these increased cybersecurity disclosure requirements in my prior blog post (“Get Ready for Increased Cybersecurity Disclosure Requirements”). Public companies that experience a hacking or other cyberintrustion incident should carefully review the recent actions taken by the SEC and other public companies that have experienced these incidents.

The SEC took a major step in encouraging disclosure of hacking and other cybersecurity items with its issuance of “2011 CF Disclosure Guidance: Topic No. 2 (Cybersecurity)” (the “Release”) in October 2011. This Release only provided general guidance on disclosure of cyberincidents. The SEC has not yet developed any rules or regulations on cybersecurity or hacking incident disclosure, although we believe that such rules and regulations will be enacted at some point soon. In any case, based on recent events it appears that the Commission is strongly encouraging such disclosure despite the lack of existing rules and, in some cases, engaging in de facto rulemaking.

Post navigation

About this Blog

The Securities Edge is published by Gunster’s Securities and Corporate Governance Practice. Our blog focuses on securities law topics of interest to executives of middle market businesses. We try to focus on the most important issues of the day and distill the complex and convoluted into easy to understand blog posts so company executives can get up to speed and move on to what’s really important: running their business.